Advertisement

A Deployment Value Model for Intrusion Detection Sensors

  • Siraj A. Shaikh
  • Howard Chivers
  • Philip Nobles
  • John A. Clark
  • Hao Chen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5576)

Abstract

The value of an intrusion detection sensor is often associated with its data collection and analysis features. Experience tells us such sensors fall under a range of different types and are diverse in their operational characteristics. There is a need to examine some of these characteristics to appreciate the value they add to intrusion detection deployments. This paper presents a model to determine the value derived from deploying sensors, which serves to be useful to analyse and compare intrusion detection deployments.

Keywords

Intrusion Detection Intrusion Detection System Sensor Placement Deployment Strategy Disruption Cost 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Shaikh, S.A., Chivers, H., Nobles, P., Clark, J.A., Chen, H.: Characterising intrusion detection sensors. Network Security 2008 (9), 10–12 (2008)Google Scholar
  2. 2.
    Shaikh, S.A., Chivers, H., Nobles, P., Clark, J.A., Chen, H.: Characterising intrusion detection sensors, part 2. Network Security 2008 (10), 8–11 (2008)Google Scholar
  3. 3.
    Chivers, H.: Security Design Analysis. York Computer Science Technical Report YCS 2006/06, University of York, UK (2006)Google Scholar
  4. 4.
    Cavusoglu, H., Mishra, B., Raghunathan, S.: The value of intrusion detection systems in information technology security architecture. Information Systems Research 16(1), 28–46 (2005)CrossRefGoogle Scholar
  5. 5.
    Lee, W., Fan, W., Miller, M., Stolfo, S.J., Zadok, E.: Toward cost-sensitive modeling for intrusion detection and response. Journal of Comp. Sec. 10(1-2), 5–22 (1993)Google Scholar
  6. 6.
    Stakhanova, N., Basu, S., Wong, J.: A cost-sensitive model for preemptive intrusion response systems. In: 21st International Conference on Advanced Information Networking and Applications (AINA 2007), pp. 428–435 (May 2007)Google Scholar
  7. 7.
    Noel, S., Jajodia, S.: Optimal ids sensor placement and alert prioritization using attack graphs. Journal of Network and Systems Management 16(3), 259–275 (2008)CrossRefGoogle Scholar
  8. 8.
    Rolando, M., Rossi, M., Sanarico, N., Mandrioli, D.: A formal approach to sensor placement and configuration in a network intrusion detection system. In: Proceedings of the 2006 International Workshop on Software Engineering for Secure Systems, pp. 65–71. ACM Press, New York (2006)CrossRefGoogle Scholar
  9. 9.
    Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 273–284 (May 2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Siraj A. Shaikh
    • 1
  • Howard Chivers
    • 1
  • Philip Nobles
    • 1
  • John A. Clark
    • 2
  • Hao Chen
    • 2
  1. 1.Department of Informatics and SensorsCranfield UniversityShrivenhamUK
  2. 2.Department of Computer ScienceYork UniversityYorkUK

Personalised recommendations